Set default 'forwarded for' headers for reverse proxy

[RobinMcCorkell]

The vast majority of use cases of reverse proxy functionality will be with the 'X-Forwarded-For' HTTP header, so this PR sets that as the default. It will continue to be restricted by trusted_proxies, so there is no additional security impact.

Also adds a basic setup check to highlight any glaring issues an admin might have. It can be extended later if necessary.

Requires owncloud-archive/documentation#1361 for doc link. Go review it 😄

Spoke to @LukasReschke about security, he said it's OK as long as it is documented properly ^^

[ghost]

🚀 Test PASSed.🚀

[karlitschek]

looks good to me 👍

[LukasReschke]

Will test tomorrow.

[RobinMcCorkell]

@LukasReschke How did your test go? 🙈

[RobinMcCorkell]

@LukasReschke ping

[LukasReschke]

Sorry. Simply forgot to feedback here. Works as advertised. Needs rebased though 😄 👍

[DeepDiver1975]

rebased ...

[RobinMcCorkell]

@DeepDiver1975 Thanks 😄

[ghost]

💣 Test FAILed. 💣

[RobinMcCorkell]

18:18:33 PhantomJS 1.9.8 (Linux 0.0.0) OC.SetupChecks tests checkSetup should return an error if the php version is no longer supported FAILED
18:18:33    Expected [ 'Your PHP version (5.4.0) is no longer <a href="https://secure.php.net/supported-versions.php">supported by PHP</a>. We encourage you to upgrade your PHP version to take advantage of performance and security updates provided by PHP.', 'The reverse proxy headers configuration is incorrect, or you are accessing ownCloud from a trusted proxy. If you are not accessing ownCloud from a trusted proxy, this is a security issue and can allow an attacker to spoof their IP address as visible to ownCloud. Further information can be found in our <a href="{docLink}">documentation</a>.' ] to equal [ 'Your PHP version (5.4.0) is no longer <a href="https://secure.php.net/supported-versions.php">supported by PHP</a>. We encourage you to upgrade your PHP version to take advantage of performance and security updates provided by PHP.' ].
18:18:33        at /var/jenkins/workspace/pull-request-analyser-ng-simple@3/label/SLAVE/core/js/tests/specs/setupchecksSpec.js:206

[scrutinizer-notifier]

A new inspection was created.

[ghost]

🚀 Test PASSed.🚀